PROFESSIONAL-CLOUD-DEVELOPER · Question #130
You are designing a resource-sharing policy for applications used by different teams in a Google Kubernetes Engine cluster. You need to ensure that all applications can access the resources needed to
The correct answer is B. Create a namespace for each team, and attach resource quotas to each namespace. C. Create a LimitRange to specify the default compute resource requirements for each namespace.. To share cluster resources fairly across teams in GKE, you need two complementary controls: (B) Namespaces with ResourceQuotas set hard aggregate limits on the total CPU, memory, and object counts a team's namespace can consume, preventing any one team from starving others. (C) L
Question
You are designing a resource-sharing policy for applications used by different teams in a Google Kubernetes Engine cluster. You need to ensure that all applications can access the resources needed to run. What should you do? (Choose two.)
Options
- ASpecify the resource limits and requests in the object specifications.
- BCreate a namespace for each team, and attach resource quotas to each namespace.
- CCreate a LimitRange to specify the default compute resource requirements for each namespace.
- DCreate a Kubernetes service account (KSA) for each application, and assign each KSA to the
- EUse the Anthos Policy Controller to enforce label annotations on all namespaces. Use taints and
How the community answered
(57 responses)- A11% (6)
- B81% (46)
- D5% (3)
- E4% (2)
Explanation
To share cluster resources fairly across teams in GKE, you need two complementary controls: (B) Namespaces with ResourceQuotas set hard aggregate limits on the total CPU, memory, and object counts a team's namespace can consume, preventing any one team from starving others. (C) LimitRanges set default requests and limits for containers within a namespace that do not specify their own, ensuring every pod has defined resource expectations so the scheduler can make placement decisions. Together, these two mechanisms implement Google-recommended namespace-based multi-tenancy. Option A (per-object resource specs) is good practice but insufficient alone-it doesn't cap aggregate consumption. Option D (Kubernetes service accounts) governs identity and API authorization, not compute resource allocation. Option E (Anthos Policy Controller with taints/tolerations) is an access control and workload placement mechanism, not a resource-sharing policy.
Topics
Community Discussion
No community discussion yet for this question.